The Google query in the post returns "about 288,000" results, many of which come from the same domains. While I agree that this is serious, the claim that 1M pages have been attacked (and who really cares about pages anyway -- the number of sites / domains seems far more important to me) seems exaggerated.

Google generally hides duplicate pages on a site. However if you use Advanced Search it finds "About 942,000 results", which is near enough a million, especially as some sites will have started clearing up infected pages by now.

Strange; earlier today (when I submitted the story), they were online.

The site redirected to this (http changed to hXXp): hXXp://plac41eadmi.rr.nu/n.php?h=1&s=sl which redirected to hXXp://www3.smartnetworkzgx.Kwik.To/?92ut2bc2=Xafe2G%2BXmmKsk9Hb2KuYmuPir52umJ6tpuGxZZPJZ9agmKKkpJiY

Doesn't having a million-entry host file have some drawbacks? I expect either the whole thing is cached in memory (assuming 128 bytes per cache entry that's over 128 MB to cache the thing), or the file is linearly scanned every time you resolve a hostname, slowing down every single name resolution enormously. Either of those would kind of suck.

Large hosts files absolutely slow down lookups. Furthermore, he says he uses 3 different DNS servers, so he's really just getting the security of the intersection of all 3 blacklists. He also claims his hosts file and router prevent malware from dialing home, despite the fact that such malware often has hardcoded IPs and would never need to perform a DNS lookup.

The DNS/HOSTS troll has been around for a while, but the sad thing is it's not a copy-pasta. Each post is actually unique (though similar), so there's some moron behind the AC curtain actually typing that shit out every time. This troll is most easily identified by the formatting. It always has excessive sectioning, bolding, and use of asterisks, hyphens, and parentheticals. The end is always a "beat you over the head with it" moment. In this case it's a link to a Bing search on "how to secure" Windows XP/2000.

Fortunately he's a loon who posts AC. If he were a morpher with a million different IDs, then it would be expensive to mark posts from all his IDs with a score penalty, but fortunately, all you need to do is mark AC down, and you get rid of all of his irrational ranting, and lots more besides.

If you're willing to do this much work to avoid malware, well, go for it. Your performance gains, when compared to network latency, are probably so slight as to be imperceptible. Personally, I use AdBlock Plus and a local DNS server, and have never had issues with either malware, unwanted ads, or network performance. To each his own. If you don't want to get modded Troll, you might want to tone down on the caps and excessive bolding. You may have a legitimate technical point to make, but it gets lost in a t

Don't spend it all in one place. The dedicated rig does other useful stuff that I wouldn't want bogging down my desktop.

I've actually passed English courses in college while earning 2 degrees no less (A grades usually) - have you??

Yep. This is, after all, a "News for Nerds" site. You're not the only genius here. And the rest of us don't tend to use terms like "superior technical firepower" and go off on rants about things that represent a minute portion of IT.

I know DAMN WELL I do, & it kicks the trolls asses SO BADLY, that when I challenge them to disprove my technical points I posted on ANYTHING I POSTED?

I'm not trying to disprove your technical points; I'm saying that people aren't listening to you because of the way you present your argument. I'm happy with w

The malware site is hosted by Specialist Ltd in Transnistria, who are a totally black hat [dynamoo.com] operation. They can get away with it because almost nobody recognises the existence of Transnistria [wikipedia.org], so it is effectively outside the reach of international law enforcement.

Either you believe that Russia and the USA are simply working in harmony and all conflict is a ruse, in which case there is very little hope for freedom; or you should believe that they would love to see it happen, because it would make us look like assholes.

Well, if freedom for you is to be able to say bad things about USA, then you are fine. Then Brezhnev's Russia had all the freedom:

Brezhnev meets Reagan and the latter complains that Russia does not have freedom of speech, giving an example: "In US, everybody can go in front of White House and shout: Reagan is an idiot". Brezhnev retorts: "You can do the same in Russia: you can go to Red Square and shout: Reagan is an idiot".

Wow... read the Wikipedia article on that place. Total backwater, no one knows about this "country". They still use old Soviet socialist emblems on all their buildings and stationery. That's weird in itself, but it's just part of how out of the way this place is.

I'm pretty sure that people recognize the existence of the cities and people there, just not their autonomy. That would mean that the area is officially recognized as part of Moldova, and it would be up to the authorities in Moldova to put a stop to it. If they can't, then maybe they don't have control over the area, and if the local government can, then maybe they deserve official autonomy. Either way, the criminals aren't out of reach.

That would mean that the area is officially recognized as part of Moldova, and it would be up to the authorities in Moldova to put a stop to it.

The options of the Moldovan leadership are limited, because of Russian interference (as it is so often in this general area). It's not a case of Transnistria deserving official autonomy as much as a case of Russia imposing their will by military force and running roughshod over the rights of other countries, and over their own legal commitments. Transnistria is only recognized as a state by a few other fly-by-night former Soviet territories, such as Abkhazia, but Russia has opened a consulate there, and is

... Oh man I was worried for a second! I thought the summary claimed that the JavaScript redirected you to download Adobe Flash. I was relieved to find out that it was a fake Adobe Flash download. Far less dangerous.

If I'm understanding it correctly, it relies on both of the two following things being true of a given web site (besides it using an MS SQL Server backend (or maybe it also works on Sybase database product(s) which also use the T-SQL language and might still have the involved system tables in common)):

1) SQL commands constructed via string concatenation including web form text field values, and
2) No sanitization of data coming out of the database before inserting into the HTML.
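Added example, not part of any comment in this thread: the two conditions named above, each shown beside its fix. It assumes Python with an in-memory SQLite table standing in for the MS SQL Server backend; the table, function names, form value and stored title are all constructed for illustration.

```python
import html
import sqlite3

# Constructed sample data: a tiny table standing in for a site's content database.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles (title) VALUES (?)",
                   [("Welcome",), ("Pricing",), ("Contact",)])
    return db

def search_concat(db, term):
    # Condition 1 (the "before"): form text is spliced into the SQL string,
    # so a quote in `term` ends the literal and the rest is parsed as SQL.
    sql = "SELECT title FROM articles WHERE title = '" + term + "'"
    return [row[0] for row in db.execute(sql)]

def search_param(db, term):
    # Fix: the value travels as a bound parameter and is never parsed as SQL.
    return [row[0] for row in db.execute(
        "SELECT title FROM articles WHERE title = ?", (term,))]

def render_raw(title):
    # Condition 2 (the "before"): database text is pasted into HTML as-is.
    return "<h1>" + title + "</h1>"

def render_escaped(title):
    # Fix: HTML-encode on output, so stored markup is displayed, not executed.
    return "<h1>" + html.escape(title) + "</h1>"

# Constructed inputs: a form value containing a quote, and a stored title
# that already carries a script tag (placeholder host, not from the thread).
FORM_VALUE = "nope' OR '1'='1"
STORED_TITLE = 'Pricing<script src="http://placeholder.invalid/x.js"></script>'

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", search_concat(db, FORM_VALUE))
    print("parameterized:", search_param(db, FORM_VALUE))
    print("raw HTML:", render_raw(STORED_TITLE))
    print("escaped HTML:", render_escaped(STORED_TITLE))
```

Either fix alone narrows the problem; parameterizing stops new writes through the form, while output encoding neutralizes rows that were already tampered with.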

This has nothing to do with Microsoft. First, this is targeting classic ASP and Cold Fusion, that's a 15-year-old technology that nobody uses anymore and a non-MS technology. Second, SQL injection attacks are all about the application code, not the framework.

ColdFusion (it hasn't been "Cold Fusion" since 1998) has had parameterized SQL commands for a decade. The problem is that there is still a high percentage of ColdFusion developers who are not educated enough to know what they are or why they should use them.

CFML is such an easy language to program in that it encourages people who have not taken the time to learn the appropriate software engineering basics. It's a bit of a double-edged sword, really. Also, there's still a lot of 10+ year old ColdFusion